DESCRIPTION:Multiple vulnerabilities have been discovered in Exim, the most severeof which could allow for remote code execution. Exim is a mail transferagent used to deploy mail servers on Unix-like systems. Successfulexploitation of the most severe of these vulnerabilities will enable theattacker to perform command execution as root in the context of the mailserver. An attacker could then install programs; view, change, or deletedata; or create...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco HyperFlex HXsoftware, the most severe of which could allow for arbitrary codeexecution. The Cisco HyperFlex HX Series is Cisco’s a convergedinfrastructure system that integrates computing, networking and storageresources to increase efficiency and enable centralized management. Thisproduct contains a web-based interface which allows user can access tomanage the device. Successful exploitation of the most severe of thesevulnerabilities within the...
Read More
DESCRIPTION:A vulnerability has been discovered in HPE Edgeline InfrastructureManager Software that could allow for remote code execution. HPEEdgeline Infrastructure Manager Software was made to aggregate themanagement of Edgeline ComputeDevices. It is delivered as a VirtualMachine image (OVA) targeted at running on VMware ESXi, workstation,orplayer. Edgeline Infrastructure Manager supports discovery, monitoring,and management of EdgelineConverged Edge Systems. Successful exploitation of this vulnerability could result in remotecode execution...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process....
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows: iOS 14.5.1 and iPadOS 14.5.1* A memory corruption issue was addressed with improved state management. (CVE-2021-30665)* An integer overflow was addressed with improved input validation. (CVE-2021-30663) iOS 12.5.3* A buffer overflow issue was addressed with improved memory handling. (CVE-2021-30666)*...
Read More
The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of the which can be chained together to obtain full remote unauthenticated code execution and gain root privileges. The 21Nails vulnerabilities, if left unpatched, could allow threat actors to take over these systems and then intercept or tamper with email communications passing through the Exim server. 11 issues are local...
Read More
